On 05.09.2013 15:04, Paul E. Jones wrote:
A useful behavior would be to have the option to rename the existing file, or to choose a different name for the newly created file. (Deletion should be deferred to the user, who should be using a secure shred program, at least for the plaintexts.)
If the file is already encrypted or decrypted, why offer to create another version with a different name?
Ah, this is because it's not necessarily the same file. The source file may have changed, and so the target plaintext or ciphertext may be out of date. For instance, you may be working on a document and over the course, encrypt it more than once. Keeping an out-of-date ciphertext could be handy since the prior version of the plaintext can be retrieved from it. If that isn't wanted, the program could optionally delete or simply overwrite it. (Insecure deletion of ciphertext doesn't raise an issue.) Keeping an out-of-date plaintext allows the program to avoid implementing secure deletion. The file plain.txt is renamed to plain.txt.1 or whatever, and the user can deal with disposing of plain.txt.1.
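
The rename-instead-of-overwrite behaviour described in this message, as an added example that is not part of the original post or of any program discussed in the thread. The function names `preserve_existing` and `write_output` are hypothetical, and the sketch assumes a filesystem that supports hard links.

```python
import os
import tempfile

def preserve_existing(path, max_versions=1000):
    """Move an existing file at `path` aside to the first free `path.N`.

    Returns the backup name, or None if `path` did not exist.
    """
    for n in range(1, max_versions + 1):
        backup = f"{path}.{n}"
        try:
            # link() fails if `backup` already exists, unlike rename(),
            # which would silently replace an earlier saved version.
            os.link(path, backup)
        except FileExistsError:
            continue
        except FileNotFoundError:
            return None
        os.unlink(path)  # the old content now lives only under `backup`
        return backup
    raise RuntimeError(f"no free backup name for {path}")

def write_output(path, data):
    """Write `data` to `path`, keeping any previous file as `path.N`."""
    backup = preserve_existing(path)
    # O_EXCL: refuse to write through a file or symlink that appeared
    # after the old file was moved aside.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return backup

def demo():
    # Constructed sample: three successive outputs to the same name.
    with tempfile.TemporaryDirectory() as d:
        target = os.path.join(d, "plain.txt")
        results = [write_output(target, v) for v in (b"v1", b"v2", b"v3")]
        names = sorted(os.listdir(d))
        with open(target + ".1", "rb") as f:
            oldest = f.read()
        return results, names, oldest

if __name__ == "__main__":
    print(demo())
```

No old version is deleted or overwritten here; disposing of `plain.txt.1` and later copies is left to the user, as the message proposes.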